Hi,
I have some problems with setting up a simple WireGuard VPN on my OPNsense router. When I try to connect to it, the handshake initiation gets sent, but the handshake doesn't complete, and I simply have no idea how to solve it. I tried to ping the router from the WAN with success and looked at the traceroute, so the connection to the router seems not to be the issue. Here is my WireGuard config:
https://i.ibb.co/JmfcNdR/Screenshot-20231121-085207.png
https://i.ibb.co/Nnm4vQH/Screenshot-20231121-085216.png
And my port forwarding rule:
https://i.ibb.co/GcCX5bW/Screenshot-20231121-085248.png
I also allowed the communication of the WGClients Network with all other networks.
https://i.ibb.co/hFJjZ7z/Screenshot-20231121-085335.png
That firewall rule is also in the attachments. I'm out of ideas; a config like that worked for me in another scenario. The only difference is that the OPNsense is behind a Fritz!Box, and the Fritz!Box is doing the port forwarding to the WAN.
Thanks for your answers
Did you get this sorted out? I just had a heck of a time. You need your PublicKey in both Peer and Instance, your PresharedKey and PrivateKey both need to be filled in. Once you see the handshake in Diagnostics then worry about the rest of the setup.
I now found the problem: I wasn't using a port in the ephemeral range (49152 to 65535). When I use one of these ports, it works like a charm.